Outside IR35 Penetration Tester Contract Jobs

Filter Your Search

Filters

Search
Updating results… 19 Contract jobs sorted by:
Date Posted
Date Posted
Rate
Updating results… 19 Contract jobs

Data Quality Tester

Posted 3 days ago by Careerwise


The Data Quality Tester role involves joining a data engineering team to ensure data quality across various pipelines by...

  • Rate £300 per day
  • Category Outside
  • Work type Hybrid
  • Location London, UK

electrical & instrumentation tester

Posted 4 days ago by Randstand (USA)


Join a multidisciplinary commissioning team as a Senior Instrument & Controls Technician, focusing on the execution of c...

  • Rate Negotiable
  • Category Outside
  • Work type Remote
  • Location orla, texas (remote)

Create a free account to access remote working contract opportunities outside the UK

Sign Up

Senior Digital & Web Analyst

Posted 4 days ago by Fruition Group


The Senior Digital & Web Analyst role is a contract position focused on optimizing the digital customer journey for a gl...

  • Rate £400 per day
  • Category Outside
  • Work type Remote
  • Location London, UK

Senior Digital & Web Analyst

Posted 4 days ago by Jobserve


The Senior Digital & Web Analyst role is a contract position focused on enhancing the digital customer journey for a glo...

  • Rate £400 per day
  • Category Outside
  • Work type Remote
  • Location London

electrical & instrumentation tester

Posted 5 days ago by Randstand (USA)


Join a multidisciplinary commissioning team as a Senior Instrument & Controls Technician, focusing on the execution of c...

  • Rate Negotiable
  • Category Outside
  • Work type Remote
  • Location dallas, texas (remote)

Create a free account to access remote working contract opportunities outside the UK

Sign Up

Stay Updated on Contract Jobs

Never miss another opportunity with our email alerts.

Save your searches to be notified as soon as new jobs are added.

Get Job Alerts

Senior AI Engineer - Image Generation Diffusion

Posted 5 days ago by TechNET IT Recruitment Ltd


The Senior AI Engineer role focuses on supporting a major AI transformation program in the online fashion retail sector,...

  • Rate Negotiable
  • Category Outside
  • Work type Hybrid
  • Location London Area, United Kingdom

Penetration Tester

Posted 6 days ago by Pro Contract Jobs Ltd


The role of Infrastructure Penetration Tester involves joining a team to deliver a significant multi-phase testing progr...

  • Rate Negotiable
  • Category Outside
  • Work type Undetermined
  • Location London, UK

Senior QA Tester (SC Cleared)

Posted 6 days ago by Fruition Group


The Senior QA Tester (SC Cleared) role is focused on ensuring the delivery of high-quality software and systems within a...

  • Rate Negotiable
  • Category Outside
  • Work type Hybrid
  • Location Leeds, Yorkshire, UK

Data Quality Tester

Posted 6 days ago by Careerwise


The Data Quality Tester role involves joining a data engineering team to ensure data quality across various pipelines by...

  • Rate £300 per day
  • Category Outside
  • Work type Hybrid
  • Location London, UK

Penetration Tester

Posted 7 days ago by Jobserve


The role of Infrastructure Penetration Tester involves joining a team to deliver a significant multi-phase testing progr...

  • Rate Negotiable
  • Category Outside
  • Work type Undetermined
  • Location London

Principal Cloud Engineer

Posted 1 week ago by Commify UK Limited


The Principal DevOps Engineer at Commify will serve as the senior technical authority within the team, focusing on the d...

  • Rate £82,500 per year
  • Category Outside
  • Work type Hybrid
  • Location Nottingham, Nottinghamshire

Senior QA Tester (SC Cleared)

Posted 1 week ago by Fruition Group


This role is for a Senior QA Tester with active SC clearance, focusing on delivering high-quality software and systems i...

  • Rate Negotiable
  • Category Outside
  • Work type Hybrid
  • Location Leeds, UK

Senior QA Tester (SC Cleared)

Posted 1 week ago by Fruition Group


This role is for a Senior QA Tester with active SC clearance, based in Leeds, offering a hybrid working arrangement. The...

  • Rate Negotiable
  • Category Outside
  • Work type Hybrid
  • Location Leeds (LS1), LS1

Senior QA Tester (SC Cleared)

Posted 1 week ago by Fruition Group


This role is for a Senior QA Tester with active SC clearance, based in Leeds with a hybrid working arrangement. The posi...

  • Rate Negotiable
  • Category Outside
  • Work type Hybrid
  • Location Leeds, England, United Kingdom

qa tester- lexcel

Posted 1 week ago by Randstand (USA)


The Senior Payments QA Consultant role involves leading the simulation and test execution for a significant Fuel Pre-Aut...

  • Rate Negotiable
  • Category Outside
  • Work type Remote
  • Location san mateo, california (remote)

Create a free account to access remote working contract opportunities outside the UK

Sign Up

Infrastructure Tester - DV cleared

Posted 1 week ago by CBSbutler


The role of Infrastructure Tester involves hands-on testing within a secure government program in Basingstoke, focusing...

  • Rate £600 per day
  • Category Outside
  • Work type Onsite
  • Location Basingstoke

Penetration Tester

Posted 2 weeks ago by Pro Contract Jobs Ltd


The role of Infrastructure Penetration Tester involves joining a team to deliver a significant multi-phase testing progr...

  • Rate Negotiable
  • Category Outside
  • Work type Undetermined
  • Location London, UK

Security Consultant - DV Cleared

Posted 2 weeks ago by Hays Specialist Recruitment


This role is for a Security Subject Matter Expert on a 6-month contract, based on-site in Corsham, supporting a key Defe...

  • Rate £600 per day
  • Category Outside
  • Work type Onsite
  • Location Corsham, Wiltshire, UK

IFS Functional Tester

Posted 2 weeks ago by Recruit 121 Group


The IFS Test Analyst role involves writing detailed UAT test scripts for an IFS implementation programme that is current...

  • Rate Negotiable
  • Category Outside
  • Work type Remote
  • Location United Kingdom

About Our Outside IR35 Penetration Tester Contract Roles

What does a penetration tester contractor do?

The Penetration Tester contractor role centres on the ability to conduct authorised simulated attacks against an organisation's systems, networks, applications, and people in order to identify security vulnerabilities before malicious actors can exploit them. The work is methodical and technically demanding, requiring the contractor to think and operate like a sophisticated attacker while remaining within the rules of engagement and documenting all findings with the rigour needed to support remediation. Penetration testing contracts span a range of scopes: infrastructure tests targeting internal or external network infrastructure, web application tests against specific applications and APIs, mobile application tests on iOS and Android, social engineering and phishing simulations, and full red team exercises that simulate an advanced persistent threat across a complete attack chain.

Penetration Tester contractors are expected to have deep technical knowledge of offensive security techniques across the relevant domains. Web application penetration testing requires expert-level familiarity with the OWASP Testing Guide, Burp Suite Professional for intercepting and manipulating web traffic, and the ability to manually identify and verify complex vulnerabilities including business logic flaws that automated scanners miss. Network penetration testing requires knowledge of Active Directory attack techniques including Kerberoasting and Pass-the-Hash, post-exploitation and lateral movement methodology, and tools including Nmap, Metasploit, and Bloodhound. Red team contractors need experience with command and control frameworks such as Cobalt Strike or Havoc, custom implant development, and the operational security practices needed to simulate advanced adversaries convincingly. CREST CRT or CREST CCT, OSCP, and CHECK Team Leader credentials are the recognised benchmarks in the UK market and are frequently required by financial services and government clients.

What is the market like for penetration tester contractors?

Penetration Tester contracting is one of the most consistently in-demand and well-paying specialisms within the cybersecurity contractor market. Regulatory requirements for regular penetration testing across financial services, healthcare, critical national infrastructure, and e-commerce ensure a structural floor of demand, and the growing recognition that compliance-driven testing should be supplemented by more sophisticated red team assessments is expanding the market upwards. CREST-certified testers with CHECK approval are in particularly strong demand across government and financial services, where these credentials are required for sensitive system testing. Supply of genuinely skilled penetration testers is limited by the depth of knowledge required and the length of time needed to develop that expertise, maintaining strong rates across the discipline.

What does Outside IR35 mean?

IR35 is UK tax legislation that determines whether a contractor is genuinely self-employed or working in a manner that resembles employment. When a contract is classified as outside IR35, the engagement is treated as a business-to-business arrangement. The contractor operates through their own limited company, invoices for services, and manages their own tax affairs including corporation tax, self-assessment, and VAT where applicable.

Outside IR35 engagements are assessed against three key factors: the degree of control the client exercises over how the work is delivered, whether the contractor has a genuine right to provide a substitute, and whether there is a mutuality of obligation between the parties. Contracts that demonstrate contractor autonomy, project-based delivery, and the absence of ongoing employment obligations are more likely to sit outside IR35. Since April 2021, responsibility for making this determination sits with the end client for medium and large private sector organisations.

On QualityContracts.co.uk, approximately 28% of roles with a stated IR35 status are classified as outside IR35. The proportion varies by sector and role type, with some disciplines seeing a significantly higher or lower share of outside IR35 opportunities. Each listing on this page displays its IR35 status where provided by the hiring organisation.

What penetration tester roles are usually Outside IR35?

Penetration testing has a healthy outside IR35 market, with around 45% of contracts sitting outside among those specifying IR35 treatment. Pen testing engagements are inherently project-based: testing a defined scope of systems against agreed rules of engagement, producing a report, and moving on. CREST and CHECK accredited testers are particularly well positioned for outside IR35 work, as the accreditation framework already structures testing as discrete engagements. Security consultancies and organisations commissioning periodic assessments are the standard route to market.

How much do penetration tester contractors usually earn when working Outside IR35?

Contract rates for penetration tester roles typically range from £500 to £900 per day, depending on the scope of the role, required expertise, and the delivery expectations of the engagement. Rates shown are for outside IR35 engagements and reflect the gross day rate paid to the contractor's limited company before any personal tax obligations.

How many Outside IR35 penetration tester vacancies are there on Quality Contracts?

Over the past twelve months, we have tracked over 150 penetration tester contract roles across the site. Of the roles currently listed on our site, around one in four are Outside IR35. Data reviewed up to June 2026.